package cn.lingxue.lingapi.config;

import cn.dev33.satoken.stp.StpUtil;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

public class SaTokenFilter implements Filter {

    private static final List<String> WHITE_LIST = Arrays.asList("/api/auth/login", "/api/auth/sendSms");

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        String requestURI = httpRequest.getRequestURI();

        // 如果请求的 URI 在白名单中，直接放行
        if (WHITE_LIST.stream().anyMatch(requestURI::startsWith)) {
            chain.doFilter(request, response);
            return;
        }

        // 否则，进行 Sa-Token 的登录验证
        StpUtil.checkLogin();
        chain.doFilter(request, response);
    }

}
